Messages

Oh, yes, dumb me...

When accessing from my phone's mobile network, it works, so your first assumption was right.

Thank you for the fast and right-to-the-point answer

hank

Hello

A bit new ro opnsense, so bear with me.

I have a home network of a few servers on DMZ plus LAN for a few workstations with OPNsense 24.1 having four interfaces: FC, DMZ, LAN and WireGuard. On my laptop with WireGuard active I can access everything I need from DMZ but nothing from LAN (basically I would need to access my main workstation when not home via RDP). When my laptop is in LAN network everything works great.

So I would need to open RDP for one (static) IP from WireGuard net. But whatever I have tried seems to work. As I see it, it should be one firewall rule to add, but to where?

Sorry for the newby question but we all have been newbies, one day, right? :)

wbr hank

In my case I think that OPNsense _is_ the router.

There are four NICs and I basically would love to be able to route traffic from DMZ out to internet via WAN-interface (and keep the LAN tied to FC interface).

Only can't figure out how on earth...

hank

Hello

I have setup a system with two gateways WAN (5G static IP) and FC (fiber, DHCP).
I also have two interfaces: LAN and DMZ.
On DMZ there is a web server and a database server.
Internet users come in through the WAN IP. LAN goes out via FC.
I have a firewall rule that passes traffic from WAN (static) IP on ports 80 & 443 to the server in DMZ and it works flawlessly both from LAN as well as from Internet.

I thought great, it's fine. Only it wasn't.

Now I see that going out from the web server doesn't work at all.
Can't get DNS, can't update OS, heck can't even ping to 8.8.8.8.
Probably most of the things might work fine, if I only could route the DMZ computer to Internet via that WAN interface. At least I think it might.
Only haven't been able to figure it out at all how to achieve it.
Can anybody explain how to implement that? Spoon-fed would be great but I try to understand things on a higher level also if at all possible.

wbr
hank

P.S. If you ask me why, my FC doesn't currently allow traffic from http(s) in so O'm stuck with 5G for the server.

Thank you.

I try to find another NIC, feels simpler to me :)

hank

I have a PC setup with one motherboard NIC plus 3 Ethernet NIC via 3 PCI slots.

I have installed OPNsense firewall with currently LAN, DMZ and WAN interfaces. The current WAN is via 5G but I also have a fiber that I am trying to add. But there are only three interfaces visible (re0, re1 and re2). The computer used to be an Ubuntu earlier (like a day ago) and I am quite positive that all four NICs were functional.

Any ideas how to by-pass this problem?

wbr

hank

Thank you.

I really appreciate the pointer to policy based routing. I am basically a programmer and a lesser extent an admin and even lesser network guy but let's find out how things torn out.

I will probably try this in this weekend. Fortunately I have an extra HDD so in case of emergency I can "go back" to the Linux installation if things go badly just by exchanging the disks...

wbr

hank

Hello I am (hopefully) a new OPNsense user and have a bit peculiar home office setup. I am currently using an Ubuntu based firewall but would need something a bit stronger firewall/router using the current PC hardware.

So I would like to know if it is possible to build an OPNsense FW with the following setup:

I have two WANs (5G and FC). I would also like to have two LAN interfaces: DMZ for servers and LAN for family members, printers, WLAN.

I just got the FC and for that I would prefer routing DMZ to internet via 5G (which has fixed IP) and LAN via FC (and later also moving DMZ to use FC  if/when DDNS works / or I get the fixed IP via FC). I try to minimize the hassle with the external users of DMZ servers.

So does this look like an acheivable goal usin OPNsense?

wbr

hank